phash - your web p/w gen
Tuesday, July 24th, 2007
phash is a project I’ve created 1.5 years ago to ease password generation and management. I’ve now re-enabled it under the domain medovs.com.
phash lets you generate various passwords. By typing your single base password and then by typing a service name (gmail etc.), a new password is generated. This ensures you’ll have a different password for each service, a password that is easily generated from your base password.
For instance I have 6-8 web services I visit very frequently, on each one I can have a different user ID and a different password. I have rather a hard time to remember all the passwords so I need to write them down somewhere. Sure, you can say every decent browser today has a “remember password” feature, but what happens when you use more than one computer (home, work, university) ?
phash saves me the need to manage those passwords by enabling me to regenerate the passwords for my web services anywhere, anytime in a secure way.
The service also assigns the generated password to clipboard (available only on IE & Opera, since FireFox’s security settings prohibit such behaviour) for a duration of 10 seconds after which, it restores the previous value, for security reasons.
The service is client side only, so your precious base password never gets transfered.
The service is complemented by:
- Bookmarklets that enable an easy way to generate passwords and put them directly in the password field of the login form in the web page.- desktop application (for Windows) that is elegantly tucked as a tray app and fades away unobtrusively.
Looking back, the name I chose for the service has a nice ring to it, however, it has similarity to phishing. Today I would probably choose another name for it, but I’m too used for phash now.
Enjoy,
